Saltar al contenido
Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post
Acerca de re:Post

QuickSight Error: NO_SCOPEDOWN_POLICY_CONFIGURED – Unable to Refresh Manually, Duplicate, or Edit Dataset

0

Hi,

I'm encountering a recurring issue in Amazon QuickSight that has become quite frustrating due to the lack of a simple or documented fix, it occurs after user security changes.

sourceErrorCode: NO_SCOPEDOWN_POLICY_CONFIGURED sourceErrorMessage: No scopedown policies configured for user

Context: This happens when attempting to refresh, edit, or duplicate a dataset. The affected user is an Admin and the owner of both the dataset and the data source. Permissions are applied through Security & Permissions → IAM policy assignments, and the user is correctly included under the relevant assignment. All IAM and QuickSight permissions appear to be correctly configured.

Issue: Once this error appears, the dataset becomes unusable: I can’t refresh the dataset manually. I can’t duplicate it from the UI. I can’t edit its configuration or replace it.

Current Workaround: The only working solution I’ve found is to export and reimport the entire dashboard and its dependencies using the CLI:

aws quicksight start-asset-bundle-export-job
--aws-account-id 12345
--asset-bundle-export-job-id abc_
--resource-arns "arn:aws:quicksight:eu-west-2:12345:dashboard/12345"
--export-format QUICKSIGHT_JSON
--include-all-dependencies
--region eu-west-2 Then reimport using:

aws quicksight start-asset-bundle-import-job
--aws-account-id 12345
--asset-bundle-import-job-id abc_
--asset-bundle-import-source S3Uri="s3://xyz/abc_.qs"
--override-parameters '{"ResourceIdOverrideConfiguration": {"PrefixForAllResources": "abc_"}}'

After reimporting, the dataset works correctly again and the error no longer appears.

Temas
AnálisisAplicaciones empresarialesAprendizaje automático e IA
Etiquetas
Amazon Quick Sight
Idioma
English
preguntada hace 3 meses102 visualizaciones
1 Respuesta
1

I think the error is showing

The user’s identity and permissions (via IAM or SSO)
AND
QuickSight's internal "scopedown policy" logic for datasets — which restricts what rows, columns, or tables a user can access in row-level security (RLS) or restricted datasets.

Even if the user: Is Admin Owns the dataset and datasource Is covered by IAM policy assignments

...QuickSight still checks for scopedown policy metadata, and if it can't find a valid config post-permission change, it breaks access to that dataset for that user.

Recommended fix

Go to QuickSight Admin → Security & Permissions
Find the IAM or IAM Identity Center user
Create and assign a scopedown policy (even a permissive one)
Reopen or refresh the dataset
If the dataset works again, remove the scopedown policy

This "resets" the internal reference to scopedown metadata.

If the issue is isolated to a user, try reassigning the dataset: aws quicksight update-data-set-permissions
--aws-account-id 123456789012
--data-set-id your_dataset_id
--grant-permissions Principal=arn:aws:quicksight:region:account:user/default/new_user,Actions=quicksight:DescribeDataSet,quicksight:UpdateDataSetPermissions

Then have the new user try editing or duplicating the dataset.

Also, this might help but its good for automation or bulk correction Rebuild via Asset Bundle Export (as you’re doing) You're already using this as a workaround — it re-creates the dataset and dependencies without the corrupted scopedown reference.

aws quicksight start-asset-bundle-export-job ... aws quicksight start-asset-bundle-import-job ...

This is effective but inefficient — good for automation or bulk correction.

AWS
respondido hace 3 meses

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Contenido relevante